package com.chb.realm;

import javax.annotation.Resource;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.chb.entity.sys.User;
import com.chb.repository.sys.UserRepository;

/**
 * 自定义Realm
 * @author Administrator
 * AuthorizingRealm  这个类是 apache 里面的shiro中的   
 */
public class MyRealm extends AuthorizingRealm{

	@Resource
	public UserRepository userRepository;  //注入userepository 接口 
	
	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
	 
		return null;
	}

	/**
	 * 权限认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
	 
		//1.通过用户名 查找用户的对象
		String userName=(String) token.getPrincipal();
		User user=this.userRepository.findByUserName(userName);
		if(user!=null)
		{
			//AuthenticationInfo接口实现
			AuthenticationInfo atcf=new SimpleAuthenticationInfo(user.getUserName(),user.getPassword(),"chb");
			return atcf;
		}
		
		return null;
	}

}
